Vulmon
Recent Vulnerabilities
Research Posts
Trends
Blog
About
Contact
Vulmon Alerts
By Relevance
By Risk Score
By Publish Date
manageengine netflow analyzer vulnerabilities and exploits
(subscribe to this query)
6.1
CVSSv3
CVE-2018-12998
A reflected Cross-site scripting (XSS) vulnerability in Zoho ManageEngine Netflow Analyzer before build 123137, Network Configuration Manager before build 123128, OpManager before build 123148, OpUtils before build 123161, and Firewall Analyzer before build 123147 allows remote m...
Zohocorp Manageengine Netflow Analyzer -
Zohocorp Firewall Analyzer -
Zohocorp Manageengine Opmanager -
Zohocorp Manageengine Oputils -
Zohocorp Manageengine Network Configuration Manager -
6.1
CVSSv3
CVE-2018-10803
Cross-site scripting (XSS) vulnerability in the add credentials functionality in Zoho ManageEngine NetFlow Analyzer v12.3 prior to 12.3.125 (build 123125) allows remote malicious users to inject arbitrary web script or HTML via a crafted description value. This can be exploited t...
Zohocorp Manageengine Netflow Analyzer
NA
CVE-2015-2959
Zoho NetFlow Analyzer build 10250 and previous versions does not check for administrative authorization, which allows remote malicious users to obtain sensitive information, modify passwords, or remove accounts by leveraging the guest role.
Zohocorp Manageengine Netflow Analyzer -
NA
CVE-2015-2960
Cross-site scripting (XSS) vulnerability in Zoho NetFlow Analyzer build 10250 and previous versions allows remote malicious users to inject arbitrary web script or HTML via unspecified vectors.
Zohocorp Manageengine Netflow Analyzer -
NA
CVE-2015-2961
Cross-site request forgery (CSRF) vulnerability in Zoho NetFlow Analyzer build 10250 and previous versions allows remote malicious users to hijack the authentication of administrators.
Zohocorp Manageengine Netflow Analyzer -
NA
CVE-2015-4418
Zoho NetFlow Analyzer build 10250 and previous versions does not have an off autocomplete attribute for a password field, which makes it easier for remote malicious users to obtain access by leveraging an unattended workstation.
Zohocorp Manageengine Netflow Analyzer -
NA
CVE-2014-9373
Directory traversal vulnerability in the CollectorConfInfoServlet servlet in ManageEngine NetFlow Analyzer allows remote malicious users to execute arbitrary code via a .. (dot dot) in the filename.
Manageengine Netflow Analyzer -
NA
CVE-2014-5445
Multiple absolute path traversal vulnerabilities in ZOHO ManageEngine Netflow Analyzer 8.6 up to and including 10.2 and IT360 10.3 allow remote attackers or remote authenticated users to read arbitrary files via a full pathname in the schFilePath parameter to the (1) CSVServlet o...
Zohocorp Manageengine It360 10.3.0
Zohocorp Manageengine Netflow Analyzer
1 EDB exploit
NA
CVE-2014-5446
Directory traversal vulnerability in the DisplayChartPDF servlet in ZOHO ManageEngine Netflow Analyzer 8.6 up to and including 10.2 and IT360 10.3 allows remote attackers and remote authenticated users to read arbitrary files via a .. (dot dot) in the filename parameter.
Zohocorp Manageengine It360 10.3.0
Zohocorp Manageengine Netflow Analyzer 9.1
Zohocorp Manageengine Netflow Analyzer 9.5
Zohocorp Manageengine Netflow Analyzer 9.9
Zohocorp Manageengine Netflow Analyzer 10.0
Zohocorp Manageengine Netflow Analyzer 9.6
Zohocorp Manageengine Netflow Analyzer 9.7
Zohocorp Manageengine Netflow Analyzer 10.2
Zohocorp Manageengine Netflow Analyzer 9.8
Zohocorp Manageengine Netflow Analyzer 9.8.5
Zohocorp Manageengine Netflow Analyzer 8.6
Zohocorp Manageengine Netflow Analyzer 9.0
Zohocorp Manageengine Netflow Analyzer 9.8.6
Zohocorp Manageengine Netflow Analyzer 9.8.7
1 EDB exploit
NA
CVE-2009-3903
Multiple cross-site scripting (XSS) vulnerabilities in jspui/index.jsp in ManageEngine Netflow Analyzer 7.5 build 7500 allow remote malicious users to inject arbitrary web script or HTML via the (1) view and (2) section parameters. NOTE: the provenance of this information is unkn...
Manageengine Netflow Analyzer 7.5
CVSSv3
CVSSv2
CVSSv3
VMScore
Recommendations:
NULL pointer dereference
CVE-2023-52689
CVE-2024-23803
client side
CVE-2023-52696
information disclosure
CVE-2024-35843
CVE-2024-27130
CVE-2023-52697
Vulnerability Notification Service
You don’t have to wait for vulnerability scanning results
Get Started
« PREV
1
2
3
4
NEXT »